Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Replace email@example.com by firstname.lastname@example.org (or latest) #13
✗ Medium severity vuln found in email@example.com, introduced via firstname.lastname@example.org
✗ Medium severity vuln found in email@example.com, introduced via firstname.lastname@example.org
so this is an exploit about using auth with unchecked user supplied credentials. The other issue is likewise around crypto that is not active or used in my application. Given that my use of request is an unauthenticated file transfer of text data, I would characterize my exposure surface to these issues as nonexistent. If this is the product of an institutional security autoscanner and we're just checking boxes in the name of security absolution, the right thing to do is submit a Pull Request with the change.